Bug#452789: xxd segfaults with large values for -c

Bram Moolenaar Bram at moolenaar.net
Tue Nov 27 21:26:31 UTC 2007


James -

> Large values for the -c option (approximately 100 or greater) cause xxd
> to segfault.  Where the segfault occurs seems to vary based on how large the
> columns option is.
> 
> I get this traceback when running "xxd -b -c 100 /usr/bin/xxd".
> 
>   Program terminated with signal 11, Segmentation fault.
>   #0  0xb7e6ce0d in getc () from /lib/i686/cmov/libc.so.6
>   (gdb) bt full
>   #0  0xb7e4ce0d in getc () from /lib/i686/cmov/libc.so.6
>   No symbol table info available.
>   #1  0x0804a0a2 in main (argc=2, argv=0xbfb6e3c0) at xxd.c:731
>       fp = (FILE *) 0x2e04c008
>       fpo = (FILE *) 0xb7f344e0
>       c = 16
>       e = 127
>       p = 1
>       relseek = 1
>       negseek = 0
>       revert = 0
>       cols = 100
>       nonzero = 1
>       autoskip = 0
>       hextype = 3
>       ebcdic = 0
>       octspergrp = 1
>       grplen = 9
>       length = -1
>       n = 1
>       seekoff = 0
>       l = "0000000: 01111111", ' ' <repeats 889 times>
>       pname = 0xbfb6f984 "xxd"
>       pp = 0xbfb6f992 "/usr/bin/xxd"
>   #2  0xb7e01450 in __libc_start_main () from /lib/i686/cmov/libc.so.6
>   No symbol table info available.
>   #3  0x08048851 in _start ()
>   No symbol table info available.
> 
> Yet when running "xxd -b -c 1000 /usr/bin/xxd" I get the following.
> 
>   Program terminated with signal 11, Segmentation fault.
>   #0  0x08049feb in main (argc=2, argv=0xbfc6acb0) at xxd.c:753
>   753	      l[11 + (grplen * cols - 1)/octspergrp + p] =
>   (gdb) bt full
>   #0  0x08049feb in main (argc=2, argv=0xbfc6acb0) at xxd.c:753
>       fp = (FILE *) 0x804c008
>       fpo = (FILE *) 0xb7f354e0
>       c = 16
>       e = 127
>       p = 0
>       relseek = 1
>       negseek = 0
>       revert = 0
>       cols = 1000
>       nonzero = 0
>       autoskip = 0
>       hextype = 3
>       ebcdic = 0
>       octspergrp = 1
>       grplen = 9
>       length = -1
>       n = 0
>       seekoff = 0
>       l = "0000000: 01111111", ' ' <repeats 889 times>
>       pname = 0xbfc6b983 "xxd"
>       pp = 0xbfc6b992 "/usr/bin/xxd"
>   #1  0xb7e02450 in __libc_start_main () from /lib/i686/cmov/libc.so.6
>   No symbol table info available.
>   #2  0x08048851 in _start ()
>   No symbol table info available.
> 
> The above tracebacks were generated after building xxd with no
> optimizations.

I'm not the maintainer of xxd, but since it's included with Vim I tried
fixing it anyway.  Please try the patch below and check that it fixes
the problem for you.

- Bram

*** ../vim-7.1.162/src/xxd/xxd.c	Thu May 10 19:07:42 2007
--- src/xxd/xxd.c	Tue Nov 27 22:20:19 2007
***************
*** 212,218 ****
  
  #define TRY_SEEK	/* attempt to use lseek, or skip forward by reading */
  #define COLS 256	/* change here, if you ever need more columns */
! #define LLEN (9 + (5*COLS-1)/2 + 2 + COLS)
  
  char hexxa[] = "0123456789abcdef0123456789ABCDEF", *hexx = hexxa;
  
--- 212,218 ----
  
  #define TRY_SEEK	/* attempt to use lseek, or skip forward by reading */
  #define COLS 256	/* change here, if you ever need more columns */
! #define LLEN (9 + (9*COLS-1)/2 + 2 + COLS)
  
  char hexxa[] = "0123456789abcdef0123456789ABCDEF", *hexx = hexxa;
  
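Review bot: The new LLEN still halves the group term, `(9*COLS-1)/2`, which only holds when at least two octets share a group. The reporter's traceback shows the failing run with grplen = 9 and octspergrp = 1, writing at `l[11 + (grplen * cols - 1)/octspergrp + p]` (xxd.c:753). With cols at the permitted maximum of COLS = 256 that index is 11 + 2303 + p, while this macro evaluates to 1418, so `-c 100` is covered but values in the upper part of the allowed range still run past the end of the buffer. Suggest leaving the 9*COLS term undivided, sizing the prefix to match the 11 used in the index expression, and adding a comment that says which mode and group size each constant comes from.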
***************
*** 590,596 ****
        default:			octspergrp = 0; break;
        }
  
!   if (cols < 1 || (!hextype && (cols > COLS)))
      {
        fprintf(stderr, "%s: invalid number of columns (max. %d).\n", pname, COLS);
        exit(1);
--- 590,597 ----
        default:			octspergrp = 0; break;
        }
  
!   if (cols < 1 || ((hextype == HEX_NORMAL || hextype == HEX_BITS)
! 							    && (cols > COLS)))
      {
        fprintf(stderr, "%s: invalid number of columns (max. %d).\n", pname, COLS);
        exit(1);
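Review bot: The rewritten condition still applies the `cols > COLS` limit to only two modes, HEX_NORMAL and HEX_BITS, and every other hextype remains unbounded. Nothing in this hunk shows whether those other modes write into the fixed-size line buffer, so please add a comment above the test explaining why they are exempt, or extend the bound to them if they share the buffer. The check also depends on LLEN being large enough for cols == COLS at the smallest group size, which is worth stating next to the COLS define so the two stay in sync. Minor style point: the continuation line `&& (cols > COLS)))` is pushed far right with tabs; aligning it under the opening parenthesis of the second clause would read more easily.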


-- 
Although the scythe isn't pre-eminent among the weapons of war, anyone who
has been on the wrong end of, say, a peasants' revolt will know that in
skilled hands it is fearsome.
					-- (Terry Pratchett, Mort)

 /// Bram Moolenaar -- Bram at Moolenaar.net -- http://www.Moolenaar.net   \\\
///        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\        download, build and distribute -- http://www.A-A-P.org        ///
 \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///




